nicolas wrote:
> I own all the original Doom iwads, I just ask if it is possible to
> rename the FreeDoom iwad in freedoom.wad instead of doom2.wad.
> Just to prevent a confusion.
> Of course there can be also another package that creates a link
> doom2.wad->freedoom.wad for the player that doe
nicolas wrote:
> >The correct solution would be an installer package for the Doom II
> >WAD files, that makes use of the Provides: mechanism to provide
> >a doom-2-wad alternative.
>
> I want to play Doom2 and FreeDoom so that's the solution?
It would boil down to a simple
# update-alternative --
Package: libavcodec-dev
Version: 0.cvs20050106-1
Severity: grave
Tags: security
Justification: user security hole
[Cc'ing security@, as at least xine-lib embeds libavcodec, there may be
more, I haven't investigated whether they are affected, but I assume it's
the case]
The most recent ffmpeg-cvs-
Lee Maguire wrote:
> Package: prboom
> Version: 2:2.2.6-1
>
> Running prboom just results in the message "Illegal instruction".
>
> $ prboom
>
> prboom v2.2.6 (http://prboom.sourceforge.net/)
> Illegal instruction
I cannot reproduce this on my system. Can you please run prboom
from inside gdb a
Package: webcalendar
Severity: grave
Tags: security
Justification: user security hole
Multiple SQL injection vulnerabilities have been found in webcalendar,
plus an additional vulnerability that allows overwriting files. Please
see http://www.ush.it/2005/11/28/webcalendar-multiple-vulnerabilities/
Package: php5
Severity: important
Tags: security
Quoting from http://bugs.php.net/bug.php?id=35307:
Description:
The unexpected header can be injected at the mb_send_mail function.
The mail function is doing the check of the unexpected control code to
"To" and "Subject".
Howev
Hi,
this has been assigned CVE-2005-3862, please mention it in the changelog
when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Julien Lemoine wrote:
>I decided to apply the following patch (attached) to ktools in order
> to avoid security
> problem in centericq. I am waiting for better patch from upstream and
> will include it
> as soon as it will be available.
This vulnerability has been assigned CVE-2005-3863 by M
Package: perl
Version: 5.8.7-8
Severity: grave
Tags: security
Justification: user security hole
An integer overflow in perl's format string code may allow remote code
execution in application using that specific functionality. Please see
http://www.dyadsecurity.com/perl-0002.html for more details
Package: nuauth
Severity: important
Tags: security
Quoting from http://www.nufw.org/+NUFW-1-16-minor-security-fix+.html:
| This is a security release. The NuFW team has identified a problem
| that could lead to Denial of Service from legitimate users of the
| authentication service.
|
| The bug
Hi,
This has been assigned CVE-2005-3691 for the file overwrite issue
and CVE-2005-3949 for the SQL injection vulnerabilities.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-3912, please mention it in the
changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Dear security team,
so far there hasn't been a security update for the latest evolution
vulnerabilities. (CVE-2005-2549/CVE-2005-2550)
I've attached patches for Woody and Sarge. The Sarge fixes are straightforward,
but some comments on Woody, relative to the patch hunks from the Sarge fix:
- accum_
Package: webcalendar
Severity: grave
Tags: security
Justification: user security hole
Two more vulnerabilities have been discovered in webcalendar:
1. SQL injection through the time_range parameter (CVE-2005-3984)
2. CRLF injection in layers_toggle.php (CVE-2005-3982)
Please see http://vd.lwang.
Package: openmotif
Severity: grave
Tags: security
Justification: user security hole
Two exploitable buffer overflows have been found in OpenMotif. Please
see http://marc.theaimsgroup.com/?l=full-disclosure&m=113349242925897&w=2
for details. This has been assigned CVE-2005-3964, please mention it
Micah Anderson wrote:
> Package: surfraw
> Version: 2.1.1
> Severity: normal
> Tags: patch
>
> this causes parse difficulties for the zsh completion which does a match
> on: "$(surfraw -elvi)"}%%[[:space:]]##--*}
Thanks, fixed in CVS.
> Additionally, the help is not very useful.
Which help do yo
Thomas Huriaux wrote:
> Since you are no longer using debconf, please remove the debian/po
> directory. The l10n infrastructure detects the presence of a
> debian/po/templates.pot to know what should be translated. Therefore,
> you will receive pointless translations as long as this file is in your
Package: ffmpeg
Version: 0.cvs20050918-5
Severity: grave
Tags: security
Justification: user security hole
An exploitable heap overflow has been found in libavcodec's handling
of images with PIX_FMT_PAL8 pixel formats. Please see
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558
for mor
Package: libxine1
Version: 1.0.1-1.4
Severity: grave
Tags: security
Justification: user security hole
An exploitable heap overflow has been found in libavcodec's handling
of images with PIX_FMT_PAL8 pixel formats. xine-lib's embedded copy
is vulnerable as well. Please see
http://article.gmane.org
tags 342276 security
thanks
Hi,
gpdf is in fact vulnerable to the latest xpdf issues from iDefense.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: pdftohtml
Severity: grave
Tags: security
Justification: user security hole
Some security problems have been found in xpdf, of which pdftohtml ships
a local copy. It is therefore vulnerable to a subset of the xpdf issues
(not all of them, as it ships an older copy than current xpdf):
CVE-
tag 342287 security
thanks
Hi,
I can confirm that kpdf is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "u
Package: tetex-bin
Version: 3.0-10.1
Severity: grave
Tags: security
Justification: user security hole
Multiple exploitable security problems have been found in xpdf, which are
all present in tetex-bin's embedded xpdf copy as well:
Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerabilit
tags 342288 security
thanks
Hi,
I can confirm that poppler is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject o
Package: koffice
Severity: grave
Tags: security
Justification: user security hole
Some heap overflows have been found in xpdf, of which koffice ships
a local copy. It is therefore vulnerable to a subset of the xpdf issues:
CVE-2005-3191:
http://www.idefense.com/application/poi/display?id=342
http
Hi,
the patch provided by the xpdf author actually fixed CVE-2005-3191 and
CVE-2005-3192 as well. You might want to amend the changelog in a later
upload to avoid confusion.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [E
Package: curl
Version: 7.15.0-5.1
Severity: important
Tags: security
Quoting Stefan Esser:
| During a quick scan of the URL parsing code within libcurl, it was
| discovered, that certain malformed URLs trigger an off-by-one(two)
| bufferoverflow. This may lead to unintended arbitrary code executio
tags 342276 -security
thanks
I made a typo and tagged the wrong bug.
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4048, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: imp4
Severity: important
Tags: security
It has been discovered that an Internet Explorer specific interpretation
flaw can be abused to bypass the sanitising features of IMP. Please see
http://article.gmane.org/gmane.comp.security.bugtraq/20693
for more information.
In a followup on of th
Package: ethereal
Version: 0.10.13-1
Severity: important
Tags: security
Justification: user security hole
Another security problem has been discovered in Ethereal. This time it's
a buffer overflow in the OSPF dissector. Please see
http://www.idefense.com/application/poi/display?id=349&type=vulner
Package: horde3
Severity: important
Tags: security
Several security problems have been fixed in Horde. Please see
http://lists.horde.org/archives/announce/2005/000238.html for
details. It's fixed upstream in 3.0.8.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
Package: kronolith
Severity: important
Tags: security
Several cross-site-scripting vulnerabilities have been found in
Kronolith. Please see
http://lists.horde.org/archives/announce/2005/000234.html for
details. It's been fixed upstream in 2.0.5
Cheers,
Moritz
-- System Information:
Debia
Package: mnemo2
Severity: important
Tags: security
Several XSS vulnerabilities have been found in Mnemo. Please see
http://lists.horde.org/archives/announce/2005/000237.html for
details. It's been fixed upstream in 2.0.2.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unst
Package: nag2
Severity: important
Tags: security
Multiple XSS vulnerabilities have been found in nag. Please see
http://lists.horde.org/archives/announce/2005/000236.html for
details. It's been fixed upstream in 2.0.3.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstabl
Package: turba2
Severity: important
Tags: security
Multiple XSS vulnerabilities have been found in Turba. Please see
http://lists.horde.org/archives/announce/2005/000235.html for details.
It's been fixed upstream in 2.0.4.
Cheers,
Moritz
-- System Information:
Debian Release: testing/uns
Package: sudo
Severity: important
Tags: security
Quoting from http://www.sudo.ws/sudo/alerts/perl_env.html :
| The PERL5LIB and PERLLIB environment variables can be used to provide a list
of
| directories in which to look for perl library files before the system
directories are
| searched. It is
Hi,
this has been assigned CVE-2005-4190, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4189, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4192, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
this has been assigned CVE-2005-4191, please mention it
in the changelog when fixing it.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: trac
Severity: important
Tags: security
Another XSS vulnerability has been reported for Trac. Details
are sparse, the only reference I could find so far is
http://www.frsirt.com/english/advisories/2005/2936
This has been assigned CVE-2005-4305, please mention it in the
changelog when fix
Hi,
Upstream's response for this:
| phpMyAdmin's team answer to vulnerability announcement
| of Dec 17, 2005
| [ http://www.securityfocus.com/archive/1/419709/30/0/threaded ]
|
| We don't think that this is a real threat. The server_privileges.php
| script checks at the beginning if the user is pr
Package: cpio
Version: 2.6-9
Severity: important
Tags: security
Justification: user security hole
For very large archives the ASCII representation of the file size
may exceed eight bytes and trigger a buffer overflow. Please see
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669 for
detai
Martin Schulze wrote:
> The attached patch only uses the variables listed in env_check to
> be passed to the setuid environment. This will preserve language
> settings by default, but nothing more.
>
> What do people think about this?
The patch itself looks fine for sid (although HOME, LOGNAME,
Package: blender
Version: 2.37a-1.1
Severity: grave
Tags: security
Justification: user security hole
An integer overflow in the header parser for .blend files can potentially
be exploited to execute code through a heap overflow. Please see
http://www.overflow.pl/adv/blenderinteger.txt for details
Package: asterisk-web-vmail
Version: 1:1.0.9.dfsg-5
Severity: important
Tags: security
vmail.cgi doesn't clean a parameter passed by the web user which is
later used to open a file and return a raw stream to the user.
This allows any authenticated user of the voicemail system to listen to
othe
tag 338052 pending
thanks
Daniel Nylander wrote:
> Here is the swedish translation for Lincity-NG.
Thanks, it has been forwarded upstream and will probably appear in the
next maintenance release.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscri
Martin Schulze wrote:
> > > Due to a bug in the environment variable substitution code it is
> > > possible to inject environment variables such as LD_PRELOAD and gain a
> > > root shell.
> >
> > Confirmed.
> >
> > Joey we'll need an ID for it.
>
> Please use CVE-2005-3344 and inform vendor-
Package: sylpheed
Severity: grave
Tags: security
Justification: user security hole
A remotely exploitable buffer overflow was found in Sylpheed. Quoting
from the web site:
| Since a security hole was discovered, the fixed versions were released.
| All users are recommended to upgrade.
|
| There
Package: sylpheed-claws
Severity: grave
Tags: security
Justification: user security hole
Buffer overflows have been found in Sylpheed-Claws's LDID/pine/mutt
address book import features. Quoting from the 1.9.100 release
announcement:
* Buffer overflows in the address book 'Import LDIF/Mutt/Pine f
Package: moodle
Severity: grave
Tags: security
Justification: user security hole
An SQL injection vulnerability has been found in Moodle. Please
see http://rgod.altervista.org/moodle16dev.html for more information
and a proof-of-concept exploit.
Cheers,
Moritz
-- System Information:
Debi
Package: linux-ftpd-ssl
Severity: grave
Tags: security
Justification: user security hole
A remotely exploitable buffer overflow has been found in linux-ftpd-ssl.
Please see http://seclists.org/lists/fulldisclosure/2005/Nov/0140.html for
a PoC exploit.
A proposed patch is available at
http://secli
Package: rar
Severity: grave
Tags: security
Justification: user security hole
RAR 3.51 fixes two unspecified security problems:
| fixed two vulnerabilities, which could be exploited with
| specially crafted ACE and UUE/XXE archives;
Due to the non-free nature of rar I'm not sure whether rar 3.30
Package: phpsysinfo
Severity: grave
Tags: security
Justification: user security hole
Two security problems have been found in phpsysinfo. Please see
http://www.hardened-php.net/advisory_212005.81.html for more
information. 2.4.1 fixes these issues.
MITRE has assigned the identifiers CVE-2005-3347
Package: kernel-patch-openswan
Version: 1:2.4.0-3
Severity: grave
Tags: security
Justification: user security hole
The Oulu University Secure Programming Group has discovered several
problems in ISAKMP implementations. openswan is among the affected
products. Please see
http://www.niscc.gov.uk/nis
Package: php5
Severity: grave
Tags: security
Justification: user security hole
Two security problems have been found in PHP5. For details please see
http://www.hardened-php.net/advisory_012006.112.html
http://www.hardened-php.net/advisory_022006.113.html
PHP 4 is not affected, so this only affec
Florian Ernst wrote:
> Package: wnpp
> Severity: normal
>
> [X-Debbugs-CC'd to Moritz Muehlenhoff <[EMAIL PROTECTED]>, the maintainer
> of lincity-ng, as he might be interested]
I'm not interested. Noawadays it's only interesting for people using
low-
Steve Kemp wrote:
> > Please tell whether you deem those patches sufficient for a potential
> > future security advisory, and if not, please provide pointers at what
> > might be missing.
>
> It looks good to me.
I can confirm the patch for CVE-2005-3302 is correct, I've sent a similar
patch a
Wouter van Heyst wrote:
> I only understand the basics of heap-based overflows, I do not yet see
> how to use this one. Someone explaining it would be very welcome.
The two most common ways to exploit integer problems are
a) Integers, which control a memory allocation: By letting this integer
Martin Schulze wrote:
> Yes. I've copied it into the private security archive.
>
> Next steps:
>
> a) what about woody
Woody is vulnerable as well, the vulnerable code is present in
syncshadowdb:164
Alexis, you can download the Woody sources through packages.debian.org.
Cheers,
Morit
Package: phpbb2
Severity: important
Tags: security
Please have a look at:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113484567432679&w=2
The mentioned path disclosure is obviously not a problem, but does
the described XSS issue have real-world security implications?
Cheers,
Moritz
Martin Schulze wrote:
> Moritz Muehlenhoff wrote:
> > Package: ethereal
> > Version: 0.10.13-1
> > Severity: important
> > Tags: security
> > Justification: user security hole
> >
> > Another security problem has been discovered in Ethereal. Thi
Dave,
this has been assigned CVE-2005-4534 by MITRE. Please refer to it
in the 2.16.11 release notes.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: ethereal
Version: 0.10.13-1.1
Severity: important
Tags: security
0.10.14 fixes three vulnerabilites; CVE-2005-3651, the OSPF buffer overflow
discovered by iDefense, the DoS/endless loop in the IRC dissector (already
mentioned in #334880. The third one is DoS vulnerability in the GTP disse
Package: bzflag-server
Severity: important
Tags: security
| The callsigns used by the clients are not checked or re-delimited by
| the server so is possible for a client to pass a callsign with no NULL
| bytes at its end causing problems (crash) to the server during the
| handling of this string.
Package: mediawiki
Severity: normal
Tags: security
MediaWiki 1.5.4 fixes an Internet Explorer specific XSS vulnerability.
I'm unsure, whether this is an issue that should be fixed in IE instead,
if this is not the case, please check, whether 1.4.* is affected.
Cheers,
Moritz
-- System In
Package: mantis
Severity: grave
Tags: security
Justification: user security hole
Lots of vulnerabilites have yet again been found in Mantis:
CVE-2005-4524:
Notes on private bugs may be leaked.
CVE-2005-4523:
Private bugs may be leaked through RSS feeds.
CVE-2005-4522:
XSS in view_filters_pa
Hilko Bengen wrote:
> Thijs Kinkhorst <[EMAIL PROTECTED]> writes:
>
> > If/when I'll upload to unstable I'll orphan the package, unless Hilko
> > wants to keep on maintaining it for now.
>
> Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I
> could do a quick uploead for unstabl
Gustavo Noronha Silva wrote:
> You filled ITP 326797 some time ago. I see you have not yet closed it,
> and there's no package listed in the NEW queue either. Are you still
> planing to package this software to Debian?
After having filed the ITP I did some deeper testing and Pentagram
was too much
Package: debsecan
Version: 0.3.4
Severity: wishlist
It would be nice if debsecan would support a local white list. So, if
there's a long-standing unfixed vulnerability that doesn't affect my
system (e.g. because I don't use the vulnerable option or because it's
only available to local, trusted use
Package: mantis
Version: 0.19.2-4
Severity: grave
Tags: security
Justification: user security hole
Another security problem has been found in mantis. Insufficient
input sanitising of the t_core_path parameter may be exploited
to perform arbitrary file inclusion. Please see
http://secunia.com/secu
Package: flyspray
Severity: grave
Tags: security
Justification: user security hole
Multiple Cross-Site-Scripting vulnerabilties have been found in
Flyspray. Have a look at
http://lostmon.blogspot.com/2005/10/flyspray-bug-killer-multiple-variable.html
for more details. This has been assigned CVE-2
Thijs Kinkhorst wrote:
> > Another security problem has been found in mantis. Insufficient
> > input sanitising of the t_core_path parameter may be exploited to perform
> > arbitrary file inclusion. Please see
> > http://secunia.com/secunia_research/2005-46/advisory/ for details.
>
> Hello Moritz,
Package: acidbase
Severity: grave
Tags: security
Justification: user security hole
A SQL injection vulnerability has been found in BASE. Please see
http://www.frsirt.com/english/advisories/2005/2188 for details.
This has been assigned CVE-2005-3325, please mention so in the
changelog, when fixing
Package: php4
Version: 4:4.4.0-4
Severity: important
Tags: security
Please see
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
and http://bugs.gentoo.org/show_bug.cgi?id=107602 for more details.
It's been fixed upstream in 4.4.1.
This has been assigned CVE-2005-3319.
Ch
Package: php5
Version: 5.0.5-3
Severity: important
Tags: security
Please see
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
and http://bugs.gentoo.org/show_bug.cgi?id=107602 for more details.
It's been fixed upstream in 5.1.0.
This has been assigned CVE-2005-3319.
Chee
Package: libgnutls11
Version: 1.0.16-13.1
Severity: normal
Tags: security
Please see http://www.hornik.sk/SA/SA-20040802.txt for details. This has
been fixed upstream in 1.0.17.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (5
Martin Schulze wrote:
> > Thijs Kinkhorst wrote:
> > > > Another security problem has been found in mantis. Insufficient
> > > > input sanitising of the t_core_path parameter may be exploited to
> > > > perform
> > > > arbitrary file inclusion. Please see
> > > > http://secunia.com/secunia_researc
Package: fetchmail
Version: 6.2.5-18
Severity: normal
Tags: security
A minor security problem has been found in fetchmailconf; insecure file
creation may expose sensitive data such as password information. Please
see http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt for details.
This has been
Package: pam
Severity: important
Tags: security
Quoting from a Gentoo advisory:
| The SELinux patches for PAM introduce a vulnerability allowing a
| password to be checked with the unix_chkpwd utility without delay or
| logging. This vulnerability doesn't affect users who do not run
| SELinux.
Th
Hi,
what is the current status of pydev for Debian, now that Eclipse 3
is in main?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: eclipse-platform
Version: 3.1.1-3
Severity: normal
I can't install new extensions (features), I always get the error message
"Error creating feature
"file://usr/lib/eclipse/features/org.eclipse.platform \
.source_3.1.1
[/usr/lib/eclipse/features/org.eclipse.platform.source_3.1.1/feature.x
Stephan Michels wrote:
> On 10/30/05, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
> > Package: eclipse-platform
> > Version: 3.1.1-3
> > Severity: normal
> >
> > I can't install new extensions (features), I always get the error message
> > &
Thijs Kinkhorst wrote:
> > All affect Sarge.
>
> I've prepared updated packages for sarge. My updated package for sid is
> still pending with my sponsor Luk Claes. The updated packages for sarge
> are available here:
> http://www.a-eskwadraat.nl/~kink/mantis_sec/
>
> They are not signed since I'
Thijs Kinkhorst wrote:
> On Mon, October 31, 2005 16:07, Moritz Muehlenhoff wrote:
> > The included patches look fine and correlate to what I extracted from the
> > interdiff. But where's the fix for CVE-2005-3337 aka mantis bug 5959?
> >
> > The mantis bug is
Thijs Kinkhorst wrote:
> After reading that text, I come to the conclusion that this is an issue
> in IE, not in phpBB. The bug is that IE will interpret files of type
> text/jpeg as HTML if they are in fact HTML. Hence, this is not a bug in
> phpBB, but something that affects anything where users
Package: openvpn
Severity: grave
Tags: security
Justification: user security hole
A format string vulnerability has been found in openvpn's option parsing
code, which indirectly may be exploited remotely as well. Please see
http://cert.uni-stuttgart.de/archive/bugtraq/2005/10/msg00393.html
for mo
Hi,
this has been assigned CVE-2005-3393, please mention so in the changelog
when fixing this.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Just for the record, PHP 4.4.1 fixes more security problems
besides the ones discovered by the Hardened PHP Project.
I'm including the CVE assignments:
* Fixed multiple safe_mode/open_basedir bypass vulnerabilities
in ext/curl and ext/gd that could lead to exposure of
files normally not acces
Hi,
this issue is CVE-2005-1109 and was addressed by DSA-713 from 2005-04-13.
Do you have reason to believe that the fix used there was incomplete?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
the DSA text is indeed incorrect, this is unfixed in sid.
Attached is the patch from the DSA.
Cheers,
Moritz
diff -u graphviz-2.2.1/debian/changelog graphviz-2.2.1/debian/changelog
--- graphviz-2.2.1/debian/changelog
+++ graphviz-2.2.1/debian/changelog
@@ -1,3 +1,11 @@
+graphviz (2.2.1
Package: openvpn
Severity: important
Tags: security
Hi,
openvpn 2.0.4 fixes another security problem:
* Security fix -- Potential DoS vulnerability on the
server in TCP mode. If the TCP server accept() call
returns an error status, the resulting exception handler
may attempt to indirect th
Package: scorched3d
Version: 39.1+cvs20050929-1
Severity: grave
Tags: security
Justification: user security hole
Multiple vulnerabilities have been found in "Scorched 3D", some
of which may lead to arbitrary code execution. Please see
http://aluigi.altervista.org/adv/scorchbugs-adv.txt for more
de
Package: gtk+2.0
Severity: grave
Tags: security
Justification: user security hole
An integer overflow in gdk-pixbuf's XPM rendering code can be exploited
to overwrite the heap and exploit arbitrary code through crafted images.
Please see www.idefense.com/application/poi/display?id=339&type=vulnera
Package: ipw2200-source
Severity: wishlist
The package description should mention that the ipw2000 driver has
been merged into main line in 2.6.14 and is therefore available in
the stock linux-2.6 package as well. I'm sure many users are not
aware of that.
Cheers,
Moritz
-- System Inform
Loic Minier wrote:
> > An integer overflow in gdk-pixbuf's XPM rendering code can be exploited
> > to overwrite the heap and exploit arbitrary code through crafted images.
> > Please see
> > www.idefense.com/application/poi/display?id=339&type=vulnerabilities
> > for more details.
>
> Did you id
Loic Minier wrote:
> The Redhat security advisory also fixes CVE-2005-2975, for which I see
> no entry in the Debian changelog, could you please investifate on this
> id and report whether gtk1 and gtk2 are affected for Debian?
The vulnerability matrix for Woody and Sarge (the entries are the l
Debian Bug Tracking System wrote:
> Changes:
> gdk-pixbuf (0.22.0-11) unstable; urgency=high
> .
>* Fix for integer overflows in io-xpm.c which could be exploited to execute
> arbitrary code (CVE-2005-2975 and CVE-2005-2976 from
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?i
Ryan Murray wrote:
> On Wed, Nov 16, 2005 at 11:33:35PM +0100, Moritz Muehlenhoff wrote:
> > Debian Bug Tracking System wrote:
> > > Changes:
> > > gdk-pixbuf (0.22.0-11) unstable; urgency=high
> > > .
> > >* Fix for integer overflows in io-xpm
1 - 100 of 7496 matches
Mail list logo
